sigv4-lite
v1.0.1
Published
Minimal AWS SigV4 signer for runtimes without Node's crypto module
Maintainers
Readme
sigv4-lite
AWS SigV4 signing for runtimes without Node's crypto module — Cloudflare Workers, Deno, Bun, browsers. Works with S3, R2, B2, Wasabi, and any other SigV4-compatible endpoint.
Zero dependencies. Uses Web Crypto (crypto.subtle) only.
By ProfessionalFlare.
Install
npm install sigv4-liteUsage
Sign a request
import { signRequest } from "sigv4-lite";
const headers = await signRequest({
method: "PUT",
url: "https://s3.us-west-002.backblazeb2.com/my-bucket/my-file.txt",
body: "hello world",
accessKeyId: env.B2_KEY_ID,
secretAccessKey: env.B2_APP_KEY,
region: "us-west-002",
});
const response = await fetch("https://s3.us-west-002.backblazeb2.com/my-bucket/my-file.txt", {
method: "PUT",
headers,
body: "hello world",
});Presign a URL
import { presignUrl } from "sigv4-lite";
const url = await presignUrl({
method: "GET",
url: "https://s3.us-west-002.backblazeb2.com/my-bucket/my-file.txt",
accessKeyId: env.B2_KEY_ID,
secretAccessKey: env.B2_APP_KEY,
region: "us-west-002",
expiresIn: 3600,
});API
signRequest(options)
Returns a headers object with authorization, x-amz-date, and x-amz-content-sha256 set.
| option | type | default | required |
|---|---|---|---|
| method | string | "GET" | no |
| url | string | — | yes |
| headers | object | {} | no |
| body | string | "" | no |
| accessKeyId | string | — | yes |
| secretAccessKey | string | — | yes |
| region | string | — | yes |
| service | string | "s3" | no |
| date | Date | new Date() | no |
presignUrl(options)
Returns a signed URL string valid for expiresIn seconds.
| option | type | default | required |
|---|---|---|---|
| method | string | "GET" | no |
| url | string | — | yes |
| accessKeyId | string | — | yes |
| secretAccessKey | string | — | yes |
| region | string | — | yes |
| service | string | "s3" | no |
| expiresIn | number | 3600 | no |
| date | Date | new Date() | no |
License
MIT
